Skype leaves Sensitive User Data Unencrypted Locally On Computers
Apr 29, 2014
An application should always encrypt users' sensitive data, either it is local or stored on company servers, but still many popular services failed to provide fully secured solutions to their users. Cristian Dinu (DrOptix) and Dragoş Gaftoneanu , Romanian programmers at Hackyard Security Group , a private community dedicated to IT security research approaches ' The Hacker News ' editorial and claimed that the Microsoft owned most popular free voice calling service Skype leaves its local database unencrypted, that puts users' sensitive information at risk. All Skype-to-Skype voice, video, file transfers and instant messages are encrypted. Though, Skype's local database is also supposed to be encrypted because it is sensitive enough, but Dragoş found that Skype leaves users' full name, birthday, phone numbers, country, city and even full chat conversations unencrypted on the systems' hard drive in a known location without any encryption or password.